How Do I Connect On-Premises Active Directory With Google Cloud?
Introduction
Integrating on-premises Active Directory with Google Cloud is essential for organizations looking to extend their existing identity management infrastructure to the cloud. This connection facilitates seamless access to cloud resources while maintaining centralized control over user authentication and authorization. In this guide, we will walk through the process of connecting an on-premises Active Directory with Google Cloud by creating a Managed Microsoft AD domain in Google Cloud and establishing a peering connection between the on-premises network and Google Cloud.
Step-by-Step Process
Create a Managed Microsoft AD Domain:
- Use the `gcp.activedirectory.Domain` resource to create a Managed Microsoft AD domain in Google Cloud. This domain will serve as the cloud-based extension of your on-premises Active Directory.
Set Up a Peering Connection:
- Establish a peering connection between your on-premises network and Google Cloud using the `gcp.activedirectory.Peering` resource. This connection allows for secure communication and data exchange between the two environments.
Below is the Pulumi program that implements these steps:
```typescript
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

// Create a Managed Microsoft AD domain
const adDomain = new gcp.activedirectory.Domain("adDomain", {
    domainName: "example.com",
    reservedIpRange: "10.0.0.0/24",
    locations: ["us-central1"],
    project: "my-gcp-project",
});

// Set up a peering connection
const peering = new gcp.activedirectory.Peering("adPeering", {
    domainResource: adDomain.id,
    authorizedNetwork: "projects/my-gcp-project/global/networks/my-vpc-network",
    peeringId: "my-peering",
    project: "my-gcp-project",
});

// Export the domain name and peering connection details
export const domainName = adDomain.domainName;
export const peeringId = peering.peeringId;
```
Key Points
- Managed Microsoft AD Domain: The `gcp.activedirectory.Domain` resource is used to create a Managed Microsoft AD domain within Google Cloud.
- Peering Connection: The `gcp.activedirectory.Peering` resource facilitates the setup of a peering connection, enabling communication between the on-premises network and Google Cloud.
- Exports: The program exports the domain name and peering connection ID for easy reference and integration.
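The `reservedIpRange` given to the domain must be a /24 or larger and must not overlap subnets in the networks that reach it, so it is worth checking before `pulumi up`. The following pre-deployment check is an added example, not part of the original program; the inventory entries (including the on-premises range) are constructed, and the on-premises range is assumed to be routed to the VPC.

```typescript
// Added example: pre-deployment check for the Domain's reservedIpRange.
type CidrRange = { start: number; end: number; prefix: number };
type InUse = { label: string; cidr: string };

// Parse an IPv4 CIDR into an inclusive numeric range; throws on malformed input.
function parseCidr(cidr: string): CidrRange {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(cidr.trim());
  if (!m) throw new Error("not an IPv4 CIDR: " + cidr);
  const octets = m.slice(1, 5).map(Number);
  const prefix = Number(m[5]);
  if (octets.some((o) => o > 255) || prefix > 32) throw new Error("out of range: " + cidr);
  const addr = octets.reduce((acc, o) => acc * 256 + o, 0);
  const size = Math.pow(2, 32 - prefix);
  // Arithmetic instead of bitwise masking: JS bitwise ops are signed 32-bit.
  const start = Math.floor(addr / size) * size;
  return { start, end: start + size - 1, prefix };
}

function overlaps(a: CidrRange, b: CidrRange): boolean {
  return a.start <= b.end && b.start <= a.end;
}

// Returns human-readable problems; an empty array means the range is usable.
function checkReservedRange(reserved: string, inUse: InUse[]): string[] {
  const problems: string[] = [];
  const r = parseCidr(reserved);
  if (r.prefix > 24) problems.push(reserved + " is smaller than /24");
  for (const n of inUse) {
    if (overlaps(r, parseCidr(n.cidr))) {
      problems.push(reserved + " overlaps " + n.label + " (" + n.cidr + ")");
    }
  }
  return problems;
}

// Constructed inventory (assumption): replace with your real subnet list.
const rangesInUse: InUse[] = [
  { label: "my-vpc-network/us-central1", cidr: "10.128.0.0/20" },
  { label: "on-prem datacenter", cidr: "10.0.0.0/16" },
];

// The page's value collides with the constructed on-prem range.
const findings = checkReservedRange("10.0.0.0/24", rangesInUse);
console.log(findings.length ? findings.join("\n") : "reservedIpRange OK");
```

Running the check in CI before the Pulumi preview turns an address-plan conflict into a failed build instead of a failed or ambiguous deployment.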
Summary
By following this guide, you can successfully set up a Managed Microsoft AD domain in Google Cloud and establish a peering connection to your on-premises network. This integration provides a unified identity management solution, enhancing the security and efficiency of accessing Google Cloud services.